Вы находитесь на странице: 1из 4

6124, Block D, Tower 9, Crossing Republik

Ghaziabad, India, Pin- 201009


Email id vishal.mishra.dit@gmail.com
Phone Number: +91-9650333427

Vishal Mishra
Profile
More than 8 years of IT industry experience in protecting networks, systems and information
assets for diverse companies and organizations.
Good knowledge and experience in Designing, Implementing, Integration, Transition and
Managing end-to-end SIEM(Qradar, ArcSight ,RSA envision & Security Analytics) and SOC
solutions for leading Financial institutions, Banks, Retail and Petroleum clients over Europe, UK ,
US & Asia Pacific Region.
Good experience in creating and implementing Use Case libraries mapped to client policies,
compliance and security requirements
Performed Project management for SIEM solution for different clients as individual and as team
I have designed Security Operations Centre for organizations from scratch providing a platform
for enhanced security and threat intelligence.
I have also led team of 50 members on delivering IT Security projects using multiple Security
Information and Event Management (SIEM) used in Security Operations Centre at the global
level.
Good communication skills, interpersonal skills, self-motivated, quick learner, team player.

Experience & Notable Accomplishments

One of the top Bank in Netherlands Review and assess existing set of use cases, provide gap
analysis based on business & technical requirement.
One of the top Indian Business Process Outsourcing- Blueprint design for next generation
Security Intelligence platform.
Log management expansion for International provider of financial services technology and
outsourcing services in APAC, US , South America & Australia - Interface with technology team
to gather information for all phases of designing, planning, and implementing SIEM(Qradar, ArcSight
,RSA envision & Security Analytics) tool. Meeting with Senior Managers to discuss the features of
SIEM Tool. Deliver services from information gathering and documentation to assessment, project
plan development/management, architectural design and documentation, implementation, and
knowledge transfer activities.
Numerous Banks in APAC & Biggest South American card processor - SOC Program & SIEM
Implementation(Qradar, ArcSight ,RSA envision & Security Analytics)
International provider of financial services technology and outsourcing services - Design &
Implementation of SOC , building SOC operations , handling transition activity for SIEM setup.

1
Professional Experience

Aug 31 2015 Till date, Senior Advisor y Consultant IBM, Noida


.
Project - Implementation of SOC for a large Bank based in Netherland (1 year Onsite
Assignment)
As a Senior Consultant responsible for Analysis, design, deployment, testing and implementation of
SIEM solutions.
Assess current set of use cases, rule base and data sources, identify and prepare high level use
case recommendations.
Review business/technical requirements, identify gaps, opportunities for improvement.
Environment: SIEM(Qradar) tool
Team Size : 2 Members

March 2015 August 2015, Deput y Manager Deloitte, Gurgaon

Project- Blueprint design for next generation Security Intelligence platform for largest BPO of
India

Responsible for managing individual utilization, meeting customer expectations, and driving
completion of items outlined in the statement/Scope of work and associated project plans.
Prepare a high-level engagement plan and finalize with stakeholders.
Gather information about the current state implementation of SOC through meetings and in-depth
discussions with identified teams.
Record the process gaps and document current state analysis of organization infrastructure.
Prepare a high-level design/ blue-print for the to-be solution for Security Intelligence Platform.
Define the logging criteria for identified key event sources taking into consideration impact during
peak and off-peak hours.
Design high-level correlation rules covered through well-defined use cases.
Define the Functional Requirement Specification (FRS) for a Security Intelligence Platform.
Provide high level mapping or comments on different vendors that meet the blue-print/ design.

Environment: SIEM(Qradar, ArcSight ,RSA envision & Security Analytics)


Team Size : 2 Members

April 2012 March 2015, Manager Information Security FIS Global Business Solution
Gurgaon

Below are the details of Major onsite Projects:


US (RSA envision) SIEM implementation
Sao Paulo (ArcSight SOC Operations Delivery)
Philippines (RSA enVision) implementation for national Bank

2
US (Security Analytics SOC Operations) SIEM event source onboarding
Australia (QRadar) SIEM content development and onboarding of data sources
Asia Pacific (Security Analytics) content development and onboarding of event sources
Asia Pacific migration from RSA enVision to Security Analytics SIEM.

As a part of the program FIS aims to implement Information Security Event Monitoring System that spans
across existing IT systems, applications and networks to detect cyber threats and act in time. It works by
implementing SIEM tool across FIS.
Below are my responsibilities as Information Security Manager:
Interface with technology team to gather information for all phases of designing, planning, and
implementing SIEM tool. Meeting with Senior Managers to discuss the features of SIEM Tool.
Deliver complex services from information gathering and documentation to assessment, project plan
development/management, architectural design and documentation, implementation, and knowledge
transfer activities.
Creating Senior Management Report to ensure all compliance followed while creating security
policies and procedures.
Coordinate/participate in technical training and product updates with business partners.
Managing a team for monitoring of events (related to cyber threats/attacks) from security devices on
SIEM tool to ensure that the companys IT Infrastructure is secured and safe from external/internal
cyber-attacks.
Manage day to day operations of the Security Operations Center (SOC).
Direct and lead performance of up to 50 associates.
Updating team on latest security trends and products. Work on threat advisories and mitigation.
Perform routine actions to monitor security, service outage, performance issues on our sites and
reviewing reports on timely basis.
Environment: RSA envision, Security Analytics, QRadar & ArcSight SIEM Tools.
Team Size : 50 Members

September 2009 August 2011, Specialist Securit y HCL Comnet Ltd., Noida

Implementation, Maintenance & Troubleshooting network of Clients. Monitoring customer Network in


security operation Center to identify security breaches, service outages, network performance issues.
Troubleshooting with Clients routers and switches. Interacting with clients for any issues.
Monitoring ticket queue and carry out second level analysis incidents identified by SOC

March 2008 August 2009, SOC Engineer Securview Syst ems, Pune

Monitoring, Reporting and Managing clients network in Security Operation Centre using various
Security Information and Monitoring tools such as RSA envision and Network monitoring with Solar
winds, Nagios & Cisco CMD.
Monitor network security events received from customer's monitored servers, and then take
appropriate action based on customer's security policy

3
Education:
2007 2008 Post Graduation Diploma in System and Database Administration from CDAC Noida.
2003 2007 Bachelor of Technology in Electronics & Communication Engineering from Uttar
Pradesh Technical University Lucknow, India

Awards & Appreciations:

IBM Solutions Excellence Award in April & August 2016


Special Achievement award in Information Security by CISO Platform (2015)
FIS All Inclusive Management (FAIM) Award in 2014
Star Performer received from FIS CISO 2014

Professional Certifications and Trainings:

RSA envision Certified Security Engineer


RSA envision Foundation Level Certified ( Registration Number 246031154)
RSA Net Witness Forensics Fundamentals
RSA Net Witness Analysis
RSA envision Service Implementation Certified ( Registration Number 246462665)
Cisco Certified Network Associate (Cisco ID : CSCO11410658)
Cisco Certified Security Professional (Cisco ID : CSCO11410658)
Cisco Certified Network Professional Building Scalable Cisco Internetworks(BSCI)
Microsoft Certified Professional
ISO 31000:2009 Risk Management Principles & Guidelines Implementation Certified.
Certified Payment Card Industry Security Implementer (PCI DSS Version 3.0)
ISO 27001: 2013 Implementation
ISO 27001: 2013 IRCA Lead Audit